ospdo adoption dataplane adoption (#692)

* Add Director Operator dataplane_adoption scripts for adoption Related CI patch and background: https://gitlab.cee.redhat.com/ci-framework/ci-framework-jobs/-/merge_requests/966 Jiras: https://issues.redhat.com/browse/OSPRH-1891 https://issues.redhat.com/browse/OSPRH-2984 * fix lint * fix lint * fix lint * fix lint * update vars * update org_ns var
openstack-k8s-operators · Nov 5, 2024 · 7065044 · 7065044
1 parent 730b675
commit 7065044
Show file tree

Hide file tree

Showing 4 changed files with 169 additions and 5 deletions.
diff --git a/tests/roles/dataplane_adoption/defaults/main.yaml b/tests/roles/dataplane_adoption/defaults/main.yaml
@@ -272,3 +272,16 @@ dataplane_cr: |
           ovn_monitor_all: true
           edpm_ovn_remote_probe_interval: 60000
           edpm_ovn_ofctrl_wait_before_clear: 8000
+
+dpa_dir: "../.."
+dpa_tests_dir: "{{ dpa_dir }}/tests"
+
+# ospdo env:
+# Whether source env is OSPD Director Operator
+# i.e. https://github.com/openstack-k8s-operators/osp-director-operator
+ospdo_src: false
+# rhoso namespace
+rhoso_namespace: "openstack"
+# director operator namespace
+org_namespace: "openstack"
+# adoption repo default location
diff --git a/tests/roles/dataplane_adoption/tasks/main.yaml b/tests/roles/dataplane_adoption/tasks/main.yaml
@@ -13,7 +13,7 @@
     {{ shell_header }}
     {{ oc_header }}
     {{ oc_login_command }}
-    oc patch -n openstack openstackversion openstack \
+    oc patch -n {{ rhoso_namespace }} openstackversion openstack \
       --type='json' -p='[{
       "op":"replace", "path":"/spec/customContainerImages/ansibleeeImage",
       "value": "{{ ansibleee_runner_img | default('quay.io/openstack-k8s-operators/openstack-ansibleee-runner:latest')}}"}]'
@@ -23,13 +23,18 @@
   ansible.builtin.shell: |
     {{ shell_header }}
     {{ oc_header }}
-    oc project openstack
+    oc project {{ rhoso_namespace }}
 
 - name: Include RHEV vars
   ansible.builtin.include_vars:
     file: rhev.yaml
   when: platform_rhev|default(false)
 
+- name: Include OSPdO vars
+  ansible.builtin.include_vars:
+    file: ospdo.yaml
+  when: ospdo_src| bool
+
 - name: ensure IPAM is configured
   no_log: "{{ use_no_log }}"
   ansible.builtin.shell: |
@@ -51,6 +56,10 @@
   register: edpm_privatekey
   when: edpm_encoded_privatekey is undefined
 
+- name: execute alternative tasks when source env is ODPdO
+  ansible.builtin.include_tasks: ospdo_dataplane.yaml
+  when: ospdo_src| bool
+
 - name: create dataplane-adoption-secret.yaml
   no_log: "{{ use_no_log }}"
   ansible.builtin.shell: |
@@ -64,6 +73,7 @@
     data:
         ssh-privatekey: "{{ edpm_encoded_privatekey | default(edpm_privatekey.content) }}"
     EOF
+  when: not ospdo_src| bool
 
 - name: generate an ssh key-pair nova-migration-ssh-key secret
   when: compute_adoption|bool
@@ -74,7 +84,7 @@
     cd "$(mktemp -d)"
     ssh-keygen -f ./id -t ecdsa-sha2-nistp521 -N ''
     oc get secret nova-migration-ssh-key || oc create secret generic nova-migration-ssh-key \
-    -n openstack \
+    -n  {{ rhoso_namespace }} \
     --from-file=ssh-privatekey=id \
     --from-file=ssh-publickey=id.pub \
     --type kubernetes.io/ssh-auth
@@ -94,7 +104,7 @@
     kind: ConfigMap
     metadata:
       name: nova-extra-config
-      namespace: openstack
+      namespace:  {{ rhoso_namespace }}
     data:
       19-nova-compute-cell1-workarounds.conf: |
         [workarounds]
@@ -115,7 +125,7 @@
     kind: ConfigMap
     metadata:
       name: nova-extra-config
-      namespace: openstack
+      namespace: {{ rhoso_namespace }}
     data:
       19-nova-compute-cell1-workarounds.conf: |
         [workarounds]

diff --git a/tests/roles/dataplane_adoption/tasks/ospdo_dataplane.yaml b/tests/roles/dataplane_adoption/tasks/ospdo_dataplane.yaml
@@ -0,0 +1,32 @@
+# Take the private ssh key (id_ra) from the /home/cloud-admin/.ssh/ directory of the openstackclient pod and create a secret in the osp18 namespace
+- name: Create secret from openstackclient pod
+  ansible.builtin.shell: |
+      {{ shell_header }}
+      {{ oc_header }}
+      oc apply -f - <<EOF
+      apiVersion: v1
+      kind: Secret
+      metadata:
+          name: dataplane-adoption-secret
+          namespace: {{ rhoso_namespace }}
+      data:
+          ssh-privatekey: |
+      $(oc exec -n {{ org_namespace }} -t openstackclient openstackclient -- cat /home/cloud-admin/.ssh/id_rsa | base64 | sed 's/^/        /')
+      EOF
+
+
+# needed for : https://github.com/openstack-k8s-operators/openstack-operator/blob/37f12745cc6971241f6d24fa9b0a28d39a428be7/config/services/dataplane_v1beta1_openstackdataplaneservice_libvirt.yaml#L8
+- name: Create secret for OpenStackDataPlaneService
+  ansible.builtin.shell: |
+    LIBVIRT_PASSWORD=$(grep <"${PASSWORD_FILE}" ' LibvirtTLSPassword:' | awk -F ': ' '{ print $2; }')
+
+    oc apply -f - <<EOF
+    apiVersion: v1
+    data:
+    LibvirtPassword: $(echo -n "${LIBVIRT_PASSWORD}" | base64)
+    kind: Secret
+    metadata:
+    name: libvirt-secret
+    namespace: {{ rhoso_namespace }}
+    type: Opaque
+    EOF
diff --git a/tests/roles/dataplane_adoption/vars/ospdo.yaml b/tests/roles/dataplane_adoption/vars/ospdo.yaml
@@ -0,0 +1,109 @@
+# Specific OSPdO Adoption vars
+# ospdo nodes deployment configuration template
+edpm_nodes:
+    compute-0:
+      # Use a FQDN here to avoid issues with value specified in netconfig.yaml
+        hostName: compute-0.osptest.test.metalkube.org
+        ansible:
+            ansibleHost: 172.22.0.170
+            ansibleUser: cloud-admin
+        networks:
+            - name: ctlplane
+              fixedIP: 172.22.0.170
+              subnetName: ctlplane
+            - name: internalapi
+              fixedIP: 172.17.0.170
+              subnetName: internalapi
+            - name: storage
+              fixedIP: 172.18.0.170
+              subnetName: storage
+            - name: tenant
+              fixedIP: 172.20.0.170
+              subnetName: tenant
+    compute-1:
+        # Use a FQDN here to avoid issues with value specified in netconfig.yaml
+        hostName: compute-1.osptest.test.metalkube.org
+        ansible:
+            ansibleHost: 172.22.0.180
+            ansibleUser: cloud-admin
+        networks:
+            - name: ctlplane
+              fixedIP: 172.22.0.180
+              subnetName: ctlplane
+            - name: internalapi
+              fixedIP: 172.17.0.180
+              subnetName: internalapi
+            - name: storage
+              fixedIP: 172.18.0.180
+              subnetName: storage
+            - name: tenant
+              fixedIP: 172.20.0.180
+              subnetName: tenant
+
+edpm_network_config_template: |
+ ---
+           {% set mtu_list = [ctlplane_mtu] %}
+           {% for network in nodeset_networks %}
+           {{ mtu_list.append(lookup('vars', networks_lower[network] ~ '_mtu')) }}
+           {%- endfor %}
+           {% set min_viable_mtu = mtu_list | max %}
+           network_config:
+           # BMH provisioning interface used for ctlplane
+           - type: interface
+             name: nic 1
+             mtu: 1500
+             use_dhcp: false
+             dns_servers: {{ ctlplane_dns_nameservers }}
+             domain: {{ dns_search_domains }}
+             addresses:
+             - ip_netmask: {{ ctlplane_ip }}/{{ ctlplane_cidr }}
+             routes: {{ ctlplane_host_routes }}
+           # Disable OCP cluster interface
+           - type: interface
+             name: nic2
+             mtu: 1500
+             use_dhcp: false
+           {% for network in nodeset_networks %}
+           {% if network in ["external"] %}
+           - type: ovs_bridge
+             name: {{ neutron_physical_bridge_name }}
+             mtu: 1500
+             dns_servers: {{ ctlplane_dns_nameservers }}
+             use_dhcp: false
+             members:
+             - type: interface
+               name: nic3
+               mtu: {{ lookup('vars', networks_lower[network] ~ '_mtu') }}
+               primary: true
+           {% endif %}
+           {% endfor %}
+           - type: ovs_bridge
+             name: br-tenant
+             mtu: {{ min_viable_mtu }}
+             use_dhcp: false
+             members:
+             - type: interface
+               name: nic4
+               mtu: {{ min_viable_mtu }}
+               use_dhcp: false
+               primary: true
+           {% for network in nodeset_networks %}
+           {% if network not in ["external"] %}
+             - type: vlan
+               mtu: {{ lookup('vars', networks_lower[network] ~ '_mtu') }}
+               vlan_id: {{ lookup('vars', networks_lower[network] ~ '_vlan_id') }}
+               addresses:
+               - ip_netmask:
+                   {{ lookup('vars', networks_lower[network] ~ '_ip') }}/{{ lookup('vars', networks_lower[network] ~ '_cidr') }}
+               routes: {{ lookup('vars', networks_lower[network] ~ '_host_routes') }}
+           {% endif %}
+           {% endfor %}
+
+
+neutron_physical_bridge_name: br-ex
+neutron_public_interface_name: nic3
+edpm_ovn_bridge_mappings: datacentre:br-ex
+
+edpm_sshd_allowed_ranges:
+    - 192.168.122.0/24
+    - 172.22.0.0/24